Fortinet FCSS_EFW_AD-7.4 Übungsprüfungen
Zuletzt aktualisiert am 27.08.2025- Prüfungscode: FCSS_EFW_AD-7.4
- Prüfungsname: FCSS - Enterprise Firewall 7.4 Administrator
- Zertifizierungsanbieter: Fortinet
- Zuletzt aktualisiert am: 27.08.2025
Examine the output from the ‘diagnose vpn tunnel list’ command shown in the exhibit; then answer the question below.
Which command can be used to sniffer the ESP traffic for the VPN DialUP_0?
- A . diagnose sniffer packet any ‘port 500’
- B . diagnose sniffer packet any ‘esp’
- C . diagnose sniffer packet any ‘host 10.0.10.10’
- D . diagnose sniffer packet any ‘port 4500’
Which of the following tasks are part of the manual registration process for adding a FortiGate to a FortiManager for central management? (Choose three.)
- A . Wait for the rating databases to download on FortiManager.
- B . In the FortiManager, add the unregistered FortiGate.
- C . Import the policy package from the managed FortiGate.
- D . Start the rating services on FortiManager.
- E . Add the FortiManager IP address to the FortiGate’s central management configuration.
Which two conditions would prevent a static route from being added to the routing table? (Choose two.)
- A . There is another other route to the same destination, with a lower distance.
- B . The route has a lower priority value than another route to the same destination.
- C . The next-hop IP address is unreachable.
- D . The interface specified in the route configuration is down
Which two tasks are automated using the Install Wizard on FortiManager? (Choose two.)
- A . Installing configuration changes to managed devices.
- B . Importing interface mappings from managed devices.
- C . Adding devices to FortiManager.
- D . Previewing pending configuration changes for managed devices.
An administrator is running the following sniffer in a FortiGate:
diagnose sniffer packet any “host 10.0.2.10” 2
What information is included in the output of the sniffer? (Choose two.)
- A . Ethernet headers.
- B . IP payload.
- C . IP headers.
- D . Port names.
Refer to the exhibits.
The exhibits show a network diagram, the output from the command config system ha, and a firewall policy.
What source MAC address does the web server detect when a user accesses it?
- A . The virtual MAC address of FortiGate B.
- B . The physical MAC address of FortiGate B.
- C . The virtual MAC address of FortiGate A.
- D . The physical MAC address of FortiGate A.
Examine the output of the ‘get router info bgp summary’ command shown in the exhibit; then answer the question below.
Which statements are true regarding the output in the exhibit? (Choose two.)
- A . BGP state of the peer 10.125.0.60 is Established.
- B . BGP peer 10.200.3.1 has never been down since the BGP counters were cleared.
- C . Local BGP peer has not received an OpenConfirm from 10.200.3.1.
- D . The local BGP peer has received a total of 3 BGP prefixes.
Examine the partial output from two web filter debug commands; then answer the question below:
Based on the above outputs, which is the FortiGuard web filter category for the web site www.fgt99.com?
- A . Finance and banking
- B . General organization.
- C . Business.
- D . Information technology.
When does a RADIUS server send an Access-Challenge packet?
- A . The server does not have the user credentials yet.
- B . The server requires more information from the user, such as the token code for two-factor authentication.
- C . The user credentials are wrong.
- D . The user account is not found in the server.
Refer to the exhibit, which contains partial outputs from two routing debug commands.
Why is the port2 default route not in the second command’s output?
- A . It has a lower priority value that the default route using port1.
- B . It has a higher priority value than the default route using port1.
- C . It is disabled in the FortiGate configuration.
- D . It has a higher distance than the default route using port1.